[AppSec]

I have to actually disagree that complete re-writes are bad. Like anything else, there are very valid reasons for it.

There are several reasons to do a re-write: 1) The technology stack has changed and implemented new features which will make future maintenance easier (or has found issues with underlying implementations in older versions).

2) Business process/site design issues have come out for which patching code will cause undo stress to the code structure.

3) Those edge cases discussed that have been added are causing severe performance issues because the customer/end user is using the system differently than expected.

4) Underlying security vulnerabilities.

Now, re-writing/re-factoring for the sake of doing it is probably a waste.